Knowing the Basic Commands

[ LiB ]  

Several common basic commands help you monitor, display, and save your configuration.

These basic commands are

 setup hostname clock set copy erase clear events reset recovery 

The following sections discuss each of these commands and their use.

The setup Command

The setup command has been covered in previous chapters but is included here so you can refer to this chapter for a comprehensive set of fundamental commands. setup allows you to configure several settings on the sensor through what is called a dialog . Dialogs provide an automated way to configure several basic sensor settings by prompting you for the values instead of requiring you to execute the command manually.

The setup command configures these items:

  • Hostname

  • IP address

  • Netmask

  • Default gateway

  • Telnet server

  • Web server port

The following is an example of the first few lines of the setup command outputs:

 sensor#  setup  --- System Configuration Dialog --- At any point you may enter a question mark '?' for help. User ctrl-c to abort configuration dialog at any prompt. Default settings are in square brackets '[]'. Current Configuration: 

As you can see from this example, the setup command starts you right into a dialog of question answers.

The hostname Command

You use the hostname command to change the command-line prompt and set the name of your sensor. When the command is executed, you might not see the change take effect until you log on again. This command is a little odd because it can actually be executed in two completely different locations, including the global config prompt, sensor(config)# , and at the networkParams prompt, sensor(config-Host-net)# .

The following displays two different examples of using the hostname command. The first example is

 sensor#  config t  sensor(config)#  hostname sensor1  sensor(config)#  exit  sensor#  exit  sensor1 login: 

Here is example 2:

 sensor#  config t  sensor(config)#  service host  sensor(config-Host)#  networkParams  sensor(config-Host-net)#  hostname sensor1  sensor(config-Host-net)#  exit  sensor(config-Host)#  exit  Apply Changes:?[yes]:  yes  sensor(config)#  exit  sensor#  exit  sensor1 login: 

The first example executes the hostname command at the global configuration level. In the second example, you can see that you need to navigate down several levels before you can execute the host command.

The clock set Command

The clock set command allows you to manually configure the sensor's system clock. The command expects time to be in a 24- hour military format of hh:mm:ss followed by the date. The following displays an example of using the clock set command to set the date and time and the show clock command to display it:

 sensor#  clock set 18:56:00 December 7 2003  sensor#  show clock  *18:56:02 UTC Sun Dec 07 2003 

The copy Command

The copy command is a multipurpose command that allows you to copy configuration files and IP log files. The basic syntax is

 copy [/erase]  source-url destination-url  copy iplog  log-id destination-URL  

Table 8.1 lists options for the copy command and describes their functions.

Table 8.1. copy Command Options




(Optional) Erases the destination file before copying the new file to it. Otherwise, it merges the source and destination.


The source file or URL you want to copy.


The destination you will copy the source to.


The log ID of the IP log file you want to copy. You can retrieve this ID by using the iplog-status command.

This command supports two different types of sources and destinations protocols: File Transfer Protocol (FTP) and Secure Copy Protocol (SCP). Both typically require a username and password before the host allows access.

The following example demonstrates the use of the copy command for copying the current-config file to an FTP server:

 sensor#  copy current-config ftp://dnewman@  File name:  sensorconfig.cfg  Password:  ********  Connected to ( 220 Microsoft FTP Service ftp> user (username) dnewman 331 Password required for dnewman. Password:230 User dnewman logged in. ftp> 200 Type set to I. ftp> put current.cfg sensorconfig.cfg local: current.cfg remote: sensorconfig.cfg 227 Entering Passive Mode (10,1,9,11,11,213). 125 Data connection already open ; Transfer starting. 226 Transfer complete. 40013 bytes sent in 0.00494 secs (7.9e+03 Kbytes/sec) ftp> sensor# 

As this example shows, the copy command prompts you for items such as filename and password that were left out in the original command. The rest of the code in this example is all the connection transfer details the interface displays during the transfer of data.


Make sure you remember that only administrators can copy configuration files. Operators and viewers can only copy IP log files.

The next example displays copying the IP log file from the sensor to the FTP server for later review:

 sensor#  copy iplog 138297088 ftp://dnewman@  File name:  myipLogfile.log  Password:  ********  Connected to ( 220 Microsoft FTP Service ftp> user (username) dnewman 331 Password required for dnewman. Password:230 User dnewman logged in. ftp> 200 Type set to I. ftp> put iplog.1412.tmp myipLogfile.log local: iplog.1412.tmp remote: myipLogfile.log 227 Entering Passive Mode (10,1,9,11,11,214). 125 Data connection already open; Transfer starting. 226 Transfer complete. 100 bytes sent in 5.9e-05 secs (1.7e+03 Kbytes/sec) ftp> sensor# 

As you can see in this example, the copy iplog command prompts a verbose output text which is virtually identical to that of the copy current-config command.

The erase Command

You use the erase command to delete current-config and backup-config files. If you delete the current-config file, the sensor does not automatically use the backup-config file. Instead, it sets the system back to default.

The following example deletes the current-config file and restores settings back to default:

 sensor#  erase ?  backup-config Delete the backup-configuration file current-config Delete the current-configuration file sensor#  erase current-config  Warning: Removing the current-config file will result in all configuration being reset to default, including system information such as IP address. User accounts will not be erased. They must be removed manually using the "no username" command. Continue? :  yes  

The clear events Command

The clear events command clears the event located in the EventStore . Use this command with caution; make sure that you really want to erase these events before executing this command. The following example displays the command in action:

 sensor#  clear events  Warning: Executing this command will remove all events currently stored in the event store. Continue with clear?  yes  sensor# 

The reset Command

You use the reset command to shut down or reboot the sensor. The powerdown option of the command prepares the sensor for proper shutdown. Without this option, the sensor just reboots. It is recommended that you use this command before you power off the sensor with its power switch. Remember, the sensor is actually a computer with a hard drive and shutting it down nicely will increase its longevity. The following example demonstrates the reboot feature of the reset command:

 sensor#  reset  Warning: Executing this command will stop all applications and reboot the node. Continue with reset?:  yes  Request Succeeded. sensor# 

The recover Command

The recover command is a very powerful command that re-images the application partition with the image stored on the recovery partition. The process takes several reboots to complete and returns the entire configuration setting back to default, except for the networking parameters. The following example displays the recovery command being executed:

 sensor(config)#  recover application-partition  Warning: Executing this command will stop all applications and re-image the node to version 4.0(1)S29. All configuration changes except for network settings will be reset to default. Continue with recovery?:  yes  Request Succeeded sensor(config)# 

[ LiB ]  

CSIDS Exam Cram 2 (Exam 642-531)
CSIDS Exam Cram 2 (Exam 642-531)
Year: 2004
Pages: 213 © 2008-2017.
If you may any questions please contact us: